<?php

class RecoveryController extends Controller
{
	public function actionIndex()
	{
		$this->pageTitle = UserModule::t('Recovery');

		Yii::app()->menu->set('breadcrumbs', array(
			UserModule::t('Users') => array('/user'),
			$this->pageTitle
		));
		
		$form = new FormUserRecovery;
		
		if (Yii::app()->user->id)
		{
			$this->redirect(array(''));
		}
		else
		{
			if(isset($_POST['FormUserRecovery']))
			{
				$form->attributes=$_POST['FormUserRecovery'];
				
				if($form->validate())
				{
					$model = User::model()->notsafe()->findbyPk($form->id);
					
					if($model)
					{
						$model->secret     = $this->module->encrypt(microtime() . rand(1, 99999) . $model->email);
						$model->secrettime = time() + $this->module->security['timeout']['recovery'];
						
						if($model->save())
						{
							$activation_url = 'http://' . $_SERVER['HTTP_HOST'] . $this->createUrl(implode($this->module->urls['recoveryCommit']), array('email' => $model->email, 'secret' => $model->secret));

							$subject = UserModule::t(
								'{site_name} - Password Recovery',
								array('{site_name}' => Yii::app()->name)
							);
							
							$message = UserModule::t(
								'You have requested a password recovery on {site_name}. To receive a new password, go to {activation_url}.',
								array('{site_name}' => Yii::app()->name, '{activation_url}'=>$activation_url)
							);
							
							UserModule::sendMail($model->email, $subject, $message);
						}
					}
					
					Yii::app()->user->setFlash(
						'recovery',
						UserModule::t('Please check your email. An instructions was sent to your email address.')
					);
					
					$this->refresh();
	    		}
	    	}
	
			$this->render('index', array('form' => $form));
		}
	}
	
	public function actionCommit()
	{
		if (Yii::app()->user->id)
		{
			$this->redirect($this->module->urls['default']);
		}
		else
		{
			$this->pageTitle = UserModule::t('Change Password');

			Yii::app()->menu->set('breadcrumbs', array(
				UserModule::t('Users') => $this->module->urls['base'],
				UserModule::t('Recovery') => $this->module->urls['recovery'],
				$this->pageTitle
			));
			
			$form = new FormUserRecoveryCommit;
			
			if(isset($_POST['FormUserRecoveryCommit']))
			{
				$form->attributes = $_POST['FormUserRecoveryCommit'];
				
				if($form->commit())
				{
					Yii::app()->user->setFlash(
						'recovery',
						UserModule::t('Password changed successfully.')
					);
					
					$this->render('commit', array('message' => UserModule::t('Password successfully set, you may login now.')));
				}
				else
				{
					if($form->hasErrors())
					{
						$this->render('commit', array('form' => $form));
					}
					else
					{
						$this->render('commit', array('message' => UserModule::t('Invalid recovery request.')));
					}
				}
			}
			else
			{
				$form->email  = isset($_GET['email'])  ? $_GET['email']  : '';
				$form->secret = isset($_GET['secret']) ? $_GET['secret'] : '';
				
				if(empty($form->email) || empty($form->secret))
				{
					$this->render('commit', array('message' => UserModule::t('Invalid recovery request.')));
				}
				else
				{
					$this->render('commit', array('form' => $form));
				}
			}
		}
	}

}